On 06/09/16(Tue) 13:54, Jens Sauer wrote:
> Hello Martin,
> hello OpenBSD Community,
>
> I have tested it again with OpenBSD 6.0 current #2250 and could reproducible
> get the same result (Kernel Crash). Seems like the ping isn't involved
> because the kernel crash happens even without it after changing the
> RA p-/vlifetime to 5/3. The crash occurs just a couple of seconds after it.
Thanks for testing. Here's a diff that should prevent this panic, could
you confirm it works for you?
Index: netinet6/nd6_rtr.c
===================================================================
RCS file: /cvs/src/sys/netinet6/nd6_rtr.c,v
retrieving revision 1.144
diff -u -p -r1.144 nd6_rtr.c
--- netinet6/nd6_rtr.c 2 Sep 2016 11:51:07 -0000 1.144
+++ netinet6/nd6_rtr.c 7 Sep 2016 11:58:14 -0000
@@ -1972,9 +1972,11 @@ in6_ifadd(struct nd_prefix *pr, int priv
ifra.ifra_flags |= IN6_IFF_AUTOCONF|IN6_IFF_TENTATIVE;
- /* allocate ifaddr structure, link into chain, etc. */
+ /* If this address already exists, update it. */
+ ia6 = in6ifa_ifpwithaddr(ifp, &ifra.ifra_addr.sin6_addr);
+
s = splsoftnet();
- error = in6_update_ifa(ifp, &ifra, NULL);
+ error = in6_update_ifa(ifp, &ifra, ia6);
splx(s);
if (error != 0) {
